Vikash Jha

AWS, Technology

Continuing with Boto: List IAM users having 90 days older Access keys

AWS recommends to rotate your IAM user's Access keys periodically. Sometime we create access keys for IAM user and keep using it. We forget to rotate the keys after a period of time, which is not considered as a good practice. Recently, we came across a use case wherein we were supposed to rotate the access keys which were created 90...


AWS, Technology

Register chef-client in AWS Autoscaling

Recently, I was trying to implement a use case wherein, the server launched by an autoscaling group should automatically connects to chef server and register itself as node. The Problem Statement: How to install Chef Client on a node launched by aws autoscaling group? Step 1. Prepare AMI with chef-client installed To install...



Enable Switch Role feature to access Multiple AWS Accounts

Today we're going to demonstrate the use of switch role feature that AWS has introduced a few months back. This feature enables an IAM user to use switch role directly in AWS Management Console to access resources across multiple AWS accounts. E.g Lets say an IAM user X of Account 1 wants to access resources associated with Account 2....



Continuing with Boto: Find security group having port 22 open for all

Consider a use case where in any team members have opened port 22 for inside an EC2 security group and forgot, which is a big security concern for the Instances. So I have written a script using python boto library which scans all the security groups of running / stopped instances and sends an email to all stakeholders on...



Monitoring Nginx Connections

The Nginx web server comes with a bundled module "HttpStubStatusModule". By enabling this module we will get some insight of our nginx connections. This module provides the following information. Active Connections Connection Status (Accepted / Handled) Connection Request / Second Enable Module To get connection stats, we need to...


AWS, Technology

Continuing with Boto : Delete EBS snapshot which is 30 days older

In continuation with my previous blog "Getting Started with Boto ( python Interface for AWS )",  today we are going to discuss one of the use case that we used to do daily. Deleting EBS Snapshot which is N days older. We'll be writing python script using Boto library to delete EBS snapshots which is 30 days older. For this we will be...



log_output TABLE vs FILE inside Amazon RDS

Amazon RDS provides us with three different types of logs : 1) General Logs 2) Slow Query Logs 3) Error Logs   You can enable these logs by modifying the DB Parameter Group. 1) Enable General Log [js] Parameter Name : general_log Value : set the value to 1. Default is 0. [/js] 2) Enable Slowquery Log [js] ...



Getting Started with Boto ( python Interface for AWS )

Introduction   Boto is a python package  which provides an interface for AWS. With boto library, we can call the AWS resources using python script. This article walks you through the step by step guide for using boto library for calling AWS resources. Step 1  : Installation Step 2 : Configuration Step 3 : Creating...


AWS, Technology

Launching Infrastrucure using Terraform (Infrastructure as Code)

Terraform is a tool for creating, managing and versioning the infrastructure effectively. Terraform provides a common configuration to launch infrastructure of physical servers, DNS, Email Servers. With terraform, we will be launching servers using simple file based configuration ( JSON based ) and maintain versioning for each launch on...



AWS re:Invent : AWS Config

AWS Config, a web service being introduced this AWS re:invent. This web service is currently available for North Virginia Region. AWS Config enables Customer to get a complete view of configuration of AWS resources (EC2 Instance, Elastic IP, Security Groups , VPC , Internet Gateway etc) associated with your AWS account and also enables to...



ELB Logs on S3 Bucket

Today we'll be implementing an S3 bucket policy for storing multiple Elastic Load Balancer access logs on a single S3 bucket. Instead of having multiple S3 bucket for each ELB access logs, we'll create only one S3 bucket for storing all ELB's access logs. This section walks you through the step by step guide for configuring S3...


AWS, DevOps

Change ssh key-pair of Running EC2 Instance

Sometimes we get the requirement to change the key-pair for some security reasons. In this article, we will be changing the key pair of running EC2 instances. Steps: 1. Create a new key pair from AWS Console. 2. Generate Public key from newly created key pair ( Private Key ). 3. Paste the generated public key ( from Step 2 ) in...